Staff Product Security Engineer

At Johnson & Johnsonwe believe health is everything. Our strength in healthcare innovation empowers us to build aworld where complex diseases are prevented treated and curedwhere treatments are smarter and less invasive andsolutions are our expertise in Innovative Medicine and MedTech we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for more at

Job Function:

Job Sub Function:

Job Category:

All Job Posting Locations:

Job Description:

About Surgery

Fueled by innovation at the intersection of biology and technology were developing the next generation of smarter less invasive more personalized treatments.

Are you passionate about improving and expanding the possibilities of MedTech surgery Ready to join a team thats reimagining how we heal Our MedTech Surgery team will give you the chance to deliver surgical technologies and solutions to surgeons and healthcare professionals around the world. Your contributions will help effectively treat some of the worlds most prevalent conditions such as obesity cardiovascular disease and cancer. Patients are waiting.

Your unique talents will help patients on their journey to wellness. Learn more at are searching for the best talent for a Staff Product Security Engineer position to be located in Santa Clara CA or Cincinnati OH.

Job Description:

The Staff Product Security Engineer will be a key member of the Capital R&D organization make vital contributions to the New Product Development (NPD) pipeline and transform patient care through innovation. They are accountable for leading our NPD teams and creating a strategy to implement cybersecurity into the design and development of product hardware and software for use in cutting edge medical devices and associated capital equipment

You will be responsible for:

• Identify threats and vulnerabilities to patient safety and product integrity assess current security controls and determine potential impact of a threat and the risk level associated with threat/vulnerability pairs.
• Drive architecture requirements and design to ensure that decisions incorporate security considerations.
• Advise embedded system security software to ensure system hardening and secure coding practices.
• Support all stakeholders on patch management vulnerability handling and SBOM scanning
• Document designs and specifications per design control processes and conform to Industry Standards for Medical Device Software (IEC 62304)
  

Qualifications / Requirements:

Education:

• Bachelors degree in Computer Science Computer Engineering Cybersecurity or related degree
  

Experience and Skills

• 6 years experience (or 4 with M.S.) establishing security architecture or implementing security solutions in consumer products or medical devices
• 3 experience in a software engineering or software architectural role in a New Product Development (NPD) environment
• Proven experience with threat modeling and risk assessments for connected products or medical devices
• Ability to work autonomously and proactively seek out security opportunities within the different surgical robotics teams
• Ability to think big picture and have attention to detail aligning strategic objectives with tactical implementation.
• Proven experience with electrical and embedded software design
• Experience developing software for embedded Real-Time Operating Systems (RTOS)
• Experience developing embedded software systems using Modern C (preferably standards 17)
• A results and performance driven demeanor with strong sense of accountability
• Understanding of penetration testing vulnerability scanning and/or other general security testing principles
  

Preferred Skills & Experience:

• Experience with FDA data governance and privacy standards (HIPAA ISO 27001 UL 2900)
• Work experience with Systems Engineering activities: requirements management and development risk management and verification
• Strong collaboration proven technical leadership capabilities and conflict resolution skills
• A security certification from an accredited body is preferred and may be considered in lieu of a portion of required years of experience
• Experience working with secure boot Trusted Platform Module (TPM) Data Distribution System (DDS) and QNX

Other Requirements:

• Ability to travel up to 10% domestic US and Internationally

The anticipated base pay range for this position is $105000- $169050.

California Bay Area - The anticipated base pay range for this position is $141000 $227000.

The Company maintains highly competitive performance-based compensation programs. Under current guidelines this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporations performance over a calendar/performance year. Bonuses are awarded at the Companys discretion on an individual basis.

Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical dental vision life insurance short- and long-term disability business accident insurance and group legal insurance.

Employees may be eligible to participate in the Companys consolidated retirement plan (pension) and savings plan (401(k)).

This position is eligible to participate in the Companys long-term incentive program.

Employees are eligible for the following time off benefits:

• Vacation up to 120 hours per calendar year
• Sick time - up to 40 hours per calendar year
• Holiday pay including Floating Holidays up to 13 days per calendar year
• Work Personal and Family Time - up to 40 hours per calendar year
  

Additional information can be found through the link below.

For additional general information on Company benefits please go to: - job posting is anticipated to close on 7/22/25. The Company may however extend this time-period in which case the posting will remain available on to accept additional applications.

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity age national origin disability protected veteran status or other characteristics protected by federal state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants needs. If you are an individual with a disability and would like to request an accommodation external applicants please contact us via internal employees contact AskGS to be directed to your accommodation resource.

• #RADSW
• #Li-Hybrid

Required Skills:

Preferred Skills: